Cisco LWAPP PEAP username and machine authentication

Unanswered Question
Oct 17th, 2008


I have configured my Cisco wireless network to use Windows AD username and machine authentication. When I use my laptop with a Cisco AIR-CB21AG-E-K9 cardbus adapter I can see in the Cisco ACS 4.1 passed authentication logs that both the machine and my username have authenticated against Windows active directory.

When I login with a laptop with an Intel wireless adapter I can only see the machine hostname authenticating. I am also able to login with a local account on the laptop.

From documentation I believe the Wireless client should provide both machine and username authentication.

There is probably a configuration error on the WLC or ACS.

Any thoughts


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
hadbou Thu, 10/23/2008 - 14:15

Check if the Wireless EAP group policy has been configured to allow wireless devices (Laptop) to perform user and machine authentication. Configure the EAP Group policy as "user re-authentication”. This will solve the issue.

zhenningx Fri, 10/24/2008 - 08:51

I have seen the same problem. TAC told me that WLC won't generate two accounting-start for the same user session. So if the WLC generates accounting-start for machine name, it won't gerenate another accounting-start for username.



This Discussion



Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode